You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.

Requirements

Logging out with the JWT Authentication Provider is only supported when using the Blueriq Gateway Service as a backend for frontend.

When the user logs out from a Blueriq application, there are two possible outcomes:

  • the user logs out from Blueriq only
  • the user logs out from both Blueriq and the identity provider, effectively ending the Single-Sign-On session


The outcome is controlled through the blueriq.security.jwt.sso-logout property: when set to true, a logout from Blueriq will also trigger a logout in the Blueriq Gateway Service.

When using SSO logout, the blueriq.security.jwt.logout-path property must be correctly configured, either by setting the property or by discovery. If the logout-path property is not set it will default to /logout.

Example Configuration

In order to enable SSO logout, sso-logout property must be true, optionally the logout-path property can be override when the Blueriq Gateway Service is running behind an other path the /logout.



application.properties

blueriq.security.jwt.sso-logout=true
blueriq.security.jwt.logout-path=/auth/logout